Patent · US Active

Protecting websites from cross-site scripting

US9032519B1 · kind B1 · utility

16Cited by

2References

25Claims

0Family size

Assignee

AMAZON TECHNOLOGIES, INC. · US

Inventors

Brian Evan Maher · Issaquah, US
Sachin Purushottam Joglekar · Dallas, US
Jesper Mikael Johansson · Redmond, US

Key dates

Filing date	Oct 29, 2012
Grant date	May 12, 2015
Priority date	—
Expiry date	Jan 9, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods and systems for protecting websites from cross-site scripting are disclosed. A request for a web page comprising a web page element is received from a client. It is determined if the web page comprises a data integrity token for the web page element. It is also determined if a value of the data integrity token matches an expected value. If the web page comprises the data integrity token and if the value matches the expected value, the web page comprising the web page element is sent to the client. If the web page does not comprise the data integrity token or if the value does not match the expected value, a protective operation is performed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.